Slide 1 Of 30 ISO 13485:2016 - Medical Devices Group
Slide 1 of 30ISO 13485:2016Scope of Stage 1 AuditsRob Packard, .com
Slide 2 of 30Goals of Stage 1 Audit Audit the documentation system – “Old Way”Evaluate location & preparedness for Stage 2Review status & understanding of requirementsCollect information on the scopeReview allocation of resources and review details ofStage 2 Provide a focus for planning the Stage 2 Evaluate if internal audit & management review areplanned, performed and fully implementedRob Packard, .com
Slide 3 of 30Why Risk-Based? 21 CFR 820 – 1 instance of the word “risk”ISO 9001:2008 – 3 instances of the word “risk”ISO 9001:2015 – 43 instances of the word “risk”ISO 13485:2003 – 4 instances of the word “risk”ISO 13485:2016 – 32 instances of the word “risk”“13485 Plus” is a guidance document that waspublished by the Canadian Standards Association inFebruary 2006. I have been recommending it overall other guidance documents for quality systemimplementation since 2010. It mentions the word“risk” 60 06Rob Packard, .com
Slide 4 of 30Annex A “Comparison of content between ISO 13485:2003 and ISO13485:2016” Changes to almost every single clause, but overallstructure is maintained Most changes are clarification Does not provide a side-by-side comparison table in TableA.1 as was provided in the DIS2 released in February 2015 Annex B provides two comparison tables between ISO13485:2016 and ISO 9001:2015, but italics text has beeneliminated within the Standard to identify differences.Rob Packard, .com
Slide 5 of 30Auditing ISO 13485:2016 Develop a regulatory checklist foreach of the 29 required processes Spread the pain by assigning aprocess owner to each process. Identify which procedures, formsand records are associated witheach process. Develop a quality system plan forupdating each process. Perform procedural audits 1st time.Expert tipRob Packard, .com
Slide 6 of 30Clause 0.1 - General Introduction – “meet customer and applicableregulatory requirements for safety andperformance.” Recommend adding language toQuality Policy during next management review. Documentation does not need to align with clausestructure of the international standard (helpful fororganization that want to maintain both ISO 13485and ISO 9001 certification).Note: red italics font indicates what’s new.Rob Packard, .com
Slide 7 of 30Clause 0.2 – Clarification of Concepts “As appropriate” is considered required if it isrequired for:– “compliance with applicable regulatoryrequirements,– the organization to manage risks.”Rob Packard, .com
Slide 8 of 30Clause 1 - Scope Application of Standard can be extended tosuppliers and service providers. Non-applicability can be extended to Clauses 6and 8 instead of just Clause 7.Rob Packard, .com
Slide 9 of 30Exclusions / Non-Applicability Clause 7.3 remains the only clause that can be excluded Within Clauses 6, 7 and 8 the following might be not applicable:–––––––––––6.4 – Work environment (e.g., software products)7.5.2 – Cleanliness of product7.5.3 – Installation7.5.4 – ServicingInclude justification for7.5.5 – Sterile Deviceseach area of non7.5.6 – Process Validationapplicability.7.5.7 – Sterilization Validation7.5.9.2 – Implantable Devices7.5.10 – Customer property7.6 – Calibration8.3.4 – ReworkCaution: Many clauses remain applicable, because they must beRob Packard, Presidentcontrolled as an outsourced com
Slide 10 of 30Clause 3 - Definitions 8 definitions in ISO 13485:200316 definitions in ISO 13485:201x (DIS2)20 definitions in ISO 13485:2016Definitions no longer included:–– New �– Active implantable medical deviceActive medical deviceConsider using a glossaryinstead of definitions ineach procedure.Authorized representativeClinical evaluationDistributorImporterLife cycleManufacturerMedical device family (not in DIS2)Performance evaluationPost market surveillanceProduct (not in DIS2)Purchased product (not in DIS2)Risk (same as ISO 14971:2007, but different from ISO 9001:2015)Risk managementSterile barrier system (not in DIS2)Expanded Definitions–––Complaint (added services)Labeling (added advertising and marketing information)Medical device (identifies possible definition differences)Rob Packard, .com
Slide 11 of 30Clause 4Rob Packard, .com
Slide 12 of 30Clause 4 Changes 29 Required Procedures instead of 19Clause 4.1 – Significant changesClause 4.2.1. – expanded general requirementsClause 4.2.2 – no changesClause 4.2.3 is new – Medical device fileClause 4.2.4 – minor addition to match QSRClause 4.2.5 – no changesHopefully harmonization with MDDRob Packard, Presidentwww.MedicalDeviceAcademy.comwill be improved due to 4.2.3.rob@13485cert.com
Slide 13 of 30Clause 4.1 - General Clause 4.1.1 – addition of regulatoryrequirements Clause 4.1.2 – addition of a risk-based approach Clause 4.1.3 – reformat of 4.1 and addition ofrecordsAdd risk-based approach to all processes in yourquality system documentation section of your qualitymanual (i.e., Clause 4.1.2). Tabular structure is ideal.Rob Packard, .com
Slide 14 of 30Clause 4.1 - General Clause 4.1.4 – Changes to quality managementsystem processes shall be:a) “evaluated for their impact on the qualitymanagement system,b) evaluated for their impact on medical devicesproduced under this quality management system,c) controlled in accordance with the requirements ofthis International Standard and applicableregulatory requirements.”Your quality plan for the change toISO 13485:2016 must address this.Rob Packard, .com
Slide 15 of 30Clause 4.1 - General Clause 4.1.5 – Controls for outsourced processes“shall include written quality agreements.”Supplier quality management process must requirea written quality agreement and controlledtemplates are recommended for each supplier type.Rob Packard, .com
Slide 16 of 30Clause 4.1 - General Clause 4.1.6 – Validation of software used inquality system require procedures.I am asked if this is required frequently.Now it’s required.Rob Packard, .com
Slide 17 of 304.2.4 - Control of Documents This clause was 4.2.3. Clause 4.2.4h) - prevent deterioration or lossof documents, and“Storage in fireproof cabinets may not be expectedroutinely in most locations, but controls to ensureintegrity of records and protection fromearthquake would be expected of some Californiamanufacturers.”Rob Packard, .com
Slide 18 of 30Clause 5Rob Packard, .com
Slide 19 of 30Clause 5 Changes Clause 5.1 – no changeClause 5.2 – added regulatory requirementsClause 5.3 – no changeClause 5.4.1 – added regulatory requirementsClause 5.4.2 – no changeClause 5.5.1 – no changeClause 5.5.2 – minor changes to wordingClause 5.5.3 – no changeClause 5.6.1 – added documentation of intervalClause 5.6.2 – added complaint handling and reportingClause 5.6.3 – added changes to address new and revisedregulatory requirementsRob Packard, .com
Slide 20 of 30Management Review InputsI will be revising templateClause 5.6.2and procedure again toa) Feedbackreflect differences betweenb) Complaint handlingDIS2 and Final version.c) Regulatory reportingd) Auditse) Monitoring & measurement of processesf) Monitoring & measurement of productg) Corrective actionsh) Preventive actionsi) Follow-up of actions from previous management reviewsj) Changes that could affect QMSk) Recommendations for Improvementl) New or revised regulatory requirementsRob Packard, .com
Slide 21 of 30Management Review Outputs Recommend documenting the next scheduledmanagement review and a justification forchanges (this was only in DIS2, but stillrecommended). Recommend documentation actions to addressnew and revised regulatory requirements asmanagement review action items (this is arequirement).Rob Packard, .com
Slide 22 of 30Clause 8 (just Stage 1)Clause 8.2.2 is new – Complaint handlingClause 8.2.3 is new – Regulatory reportingClause 8.2.4 – was Clause 8.2.2, but no changeClause 8.5.2 / 8.5.3 – reorg and added planningRob Packard, .com
Slide 23 of 30Common Deficiencies inComplaint Handling Procedure Failure to:– Capture all complaints– Include time limits for investigation and reportingdecisions– Extend the investigation to other potentiallyaffected product– Document reason for no investigation– Document reason for no corrective actionRob Packard, .com
Slide 24 of 30Reporting Regulations Canada Mandatory Problem Reporting– http://www.hc-sc.gc.ca/dhpmps/pubs/medeff/ guide/2011-devicesmateriaux/index-eng.php Europe Vigilance Reporting– hments/1/translations/en/renditions/native US Medical Device Reporting (21 CFR 803)– pdf– pdfRob Packard, .com
Slide 25 of 30“Death by CAPA”We use a riskbased approachWe alwaysinitiate a e-a-riskbased-capa-process/Rob Packard, .com
Slide 26 of 30Corrective ActionClause 8.5.2 reviewing nonconformities (including customercomplaints), determining the causes of nonconformities, evaluating the need for action to ensure thatnonconformities do not recur, planning and documenting action needed verification that corrective actions do not have adverseeffects reviewing corrective action taken and its effectiveness recording of the results of any investigation and of actiontakenRob Packard, .com
Slide 27 of 30Preventive ActionClause 8.5.3 determining potential nonconformities, evaluating the need for action to ensure thatnonconformities do not recur, planning and documenting action needed verification that corrective actions do not haveadverse effects reviewing corrective action taken and itseffectiveness recording of the results of any investigation and ofaction takenRob Packard, .com
Slide 28 of 30Key Elements of CAPA Forms Provide Enough Room“15 Tips for Creating an Effective CAPA Form”Date clude a /CAPA SourceDescription of IssueInvestigator Assigned & Target Due DateInvestigation of ProblemContainmentCorrection(s)Investigation of Root CauseCorrective Action Plan & Target Due DatePreventive Action Plan & Target Due DateFRM-009, CAPA ReportActions Implemented(sold with CAPA Procedure)Plan for Verification of Effectiveness eness ignature & Closure DateRob Packard, .com
Slide 29 of 30Plan-Do-Celebrate-Check-Act Activities Controls Documentation Resources Objectives Deploy andconformwith eACT Analyze/review Decide/change ImproveeffectivenessCHECK Measure andmonitor forconformity andeffectivenessRob Packard, .com
Slide 30 of 30Q&Arob13485rob@13485cert.comRob Packard 1.802.281.4381Rob Packard, .com
ISO 9001:2008 –3 instances of the word “risk” ISO 9001:2015 –43 instances of the word “risk” ISO 13485:2003 –4 instances of the word “risk” ISO 13485:2016 –32 instances of the word “risk” “13485 Plus” is a guidance document that was publishe
Payroll Factor [Marianne Evans] Specific Industry Apportionment [Kelly Brown] Combined/Consolidated Return Issues [Richard Call] Latest Important Developments Slide 51 [Kelly Brown] Slide 8 - Slide 10 Slide 40 - Slide 44 Slide 45 - Slide 50 Slide 11-Slide 14 Slide 15 - Slide 26 Slide 27 - Slide 33 Slide 34 - Slide 39
San Francisco, California Los Angeles, California Orlando, Florida. Slide 3 What do we do? Slide 4. Slide 5. Slide 6. Slide 7. Slide 8. Slide 9. Slide 10. Slide 11. Slide 12. . IFMA: 2013. What is The Goal. Who or What is Steering the Ship? HIPAA HCAHPS LEED ASHE/FGI Slide 34. Slide 35
ISO 10381-1:2002 da ISO 10381-2:2002 da ISO 10381-3:2001 da ISO 10381-4:2003 da ISO 10381-5:2001 da ISO 10381-6:1993 da ISO 10381-7:2005 ne ISO 10381-8:2006 ne ISO/DIS 18512:2006 ne ISO 5667-13 da ISO 5667-15 da Priprema uzoraka za laboratorijske analize u skladu s normama: HRN ISO 11464:2004 ne ISO 14507:2003 ne ISO/DIS 16720:2005 ne
ISO 10771-1 ISO 16860 ISO 16889 ISO 18413 ISO 23181 ISO 2941 ISO 2942 ISO 2943 ISO 3724 ISO 3968 ISO 4405 ISO 4406 ISO 4407 ISO 16232-7 DIN 51777 PASSION TO PERFORM PASSION TO PERFORM www.mp ltri.com HEADQUARTERS MP Filtri S.p.A. Via 1 Maggio, 3 20060 Pessano con Bornago (MI) Italy 39 02 957
ISO 18400-107, ISO 18400-202, ISO 18400-203 and ISO 18400-206, cancels and replaces the first editions of ISO 10381-1:2002, ISO 10381-4:2003, ISO 10381-5:2005, ISO 10381-6:2009 and ISO 10381-8:2006, which have been structurally and technically revised. The new ISO 18400 series is based on a modular structure and cannot be compared to the ISO 10381
The DIN Standards corresponding to the International Standards referred to in clause 2 and in the bibliog-raphy of the EN are as follows: ISO Standard DIN Standard ISO 225 DIN EN 20225 ISO 724 DIN ISO 724 ISO 898-1 DIN EN ISO 898-1 ISO 3269 DIN EN ISO 3269 ISO 3506-1 DIN EN ISO 3506-1 ISO 4042 DIN
ISO 8402 was published in 1986, with ISO 9000, ISO 9001, ISO 9002, ISO 9003 and ISO 9004 being published in 1987. Further feedback indicated that there was a need to provide users with application guidance for implementing ISO 9001, ISO 9002 and ISO 9003. It was then agreed to re-number ISO 9000 as ISO 9000-1, and to develop ISO 9000-2 as the .
ISO 37120. PAS 181/ISO 37106. PAS 183 – data sharing & IT. PAS 184. PAS 185. a security-minded approach. ISO/IEC 30145 . reference architecture. ISO/IEC . 30146. ISO 37151. ISO 37153. ISO 37156. Data exchange. ISO 37154. ISO 37157. ISO 37158. Monitor and analyse . data. PAS 182/ ISO/IEC 30182. PD 8101. PAS 212. Hypercat. BIM. PAS 184. Role of .
